Corey Ogburn
451a4784a1
send-file and import-file security
Encrypt the file with a passphrase before sending and decrypt the file with the same passphrase before importing.
2023-06-20 09:41:14 -06:00
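The passphrase protection described in the commit above, as an added worked example rather than Security Onion's own send-file/import-file code. Everything here is assumed for illustration: the container layout (salt, nonce, AES-256-GCM ciphertext and tag), PBKDF2-HMAC-SHA256 as the passphrase KDF, the work factor, and the function names. The sending side derives a fresh key per file and the importing side refuses to produce any output unless the passphrase matches and the container is intact.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Assumed container layout: salt(16) || nonce(12) || AES-256-GCM ciphertext+tag.
const (
	saltLen   = 16
	nonceLen  = 12
	keyLen    = 32
	pbkdfIter = 600000 // PBKDF2-HMAC-SHA256 work factor; sender and importer must agree on it
)

// pbkdf2SHA256 is RFC 8018 PBKDF2 with HMAC-SHA256, written out because
// Go standard libraries before 1.24 ship no pbkdf2 package.
func pbkdf2SHA256(pass, salt []byte, iter, dkLen int) []byte {
	var out []byte
	for block := uint32(1); len(out) < dkLen; block++ {
		mac := hmac.New(sha256.New, pass)
		mac.Write(salt)
		var idx [4]byte
		binary.BigEndian.PutUint32(idx[:], block)
		mac.Write(idx[:])
		u := mac.Sum(nil) // U1 = PRF(P, S || INT(block))
		t := append([]byte(nil), u...)
		for i := 1; i < iter; i++ {
			mac.Reset()
			mac.Write(u)
			u = mac.Sum(nil) // U_i = PRF(P, U_{i-1})
			for j := range t {
				t[j] ^= u[j]
			}
		}
		out = append(out, t...)
	}
	return out[:dkLen]
}

func newAEAD(passphrase string, salt []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(pbkdf2SHA256([]byte(passphrase), salt, pbkdfIter, keyLen))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt is the sending side: fresh random salt and nonce per file, with the
// header bound as GCM additional data so it cannot be altered unnoticed.
func Encrypt(passphrase string, plaintext []byte) ([]byte, error) {
	header := make([]byte, saltLen+nonceLen)
	if _, err := rand.Read(header); err != nil {
		return nil, err
	}
	aead, err := newAEAD(passphrase, header[:saltLen])
	if err != nil {
		return nil, err
	}
	ct := aead.Seal(nil, header[saltLen:], plaintext, header)
	return append(header, ct...), nil
}

// Decrypt is the importing side: a wrong passphrase or a modified byte anywhere
// in the container yields an error and no plaintext, never a corrupted file.
func Decrypt(passphrase string, blob []byte) ([]byte, error) {
	if len(blob) < saltLen+nonceLen {
		return nil, errors.New("container too short")
	}
	header := blob[:saltLen+nonceLen]
	aead, err := newAEAD(passphrase, header[:saltLen])
	if err != nil {
		return nil, err
	}
	pt, err := aead.Open(nil, header[saltLen:], blob[saltLen+nonceLen:], header)
	if err != nil {
		return nil, errors.New("decryption failed: wrong passphrase or tampered container")
	}
	return pt, nil
}

func main() {
	// Constructed stand-in for an uploaded PCAP: the pcap magic plus a few header bytes.
	upload := []byte{0xd4, 0xc3, 0xb2, 0xa1, 0x02, 0x00, 0x04, 0x00}
	blob, err := Encrypt("correct horse battery staple", upload)
	if err != nil {
		panic(err)
	}
	back, err := Decrypt("correct horse battery staple", blob)
	fmt.Printf("roundtrip ok=%v err=%v\n", err == nil && string(back) == string(upload), err)
	_, err = Decrypt("wrong passphrase", blob)
	fmt.Println("wrong passphrase:", err)
	blob[len(blob)-1] ^= 0x01 // flip one bit of the GCM tag
	_, err = Decrypt("correct horse battery staple", blob)
	fmt.Println("tampered:", err)
}
```

Two points a practitioner should check in any real implementation of this scheme: the passphrase has to reach the sensor over a channel other than the one carrying the file, and the importer must check the authentication tag before touching the payload, which the AEAD Open call above does for you.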
Corey Ogburn
1b7095fa81
Improved import-file url regex
sed doesn't remove ALL whitespace, only newlines. It's better to stop at the first whitespace than to stop at a particular, maybe-not-last query string parameter.
2023-06-20 09:41:14 -06:00
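The whitespace point in the commit above, as an added example that is not Security Onion's own import-file code. It contrasts three ways of pulling a URL out of a line of tool output: removing only newlines (which leaves CR, tabs and trailing spaces behind), stopping at a specific query parameter, and stopping at the first whitespace byte. The sample lines, the hypothetical parameter name `job`, and the function names are constructed for the example.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// urlToFirstSpace takes everything from the scheme up to the first whitespace
// byte (space, tab, CR or LF), so the whole query string survives in any order.
var urlToFirstSpace = regexp.MustCompile(`https?://\S+`)

// urlToParam stops at one named parameter ("job" is a hypothetical name used
// only for contrast); it truncates or fails when that parameter is not last.
var urlToParam = regexp.MustCompile(`https?://[^\s?]+\?job=[^&\s]+`)

// ExtractURL returns the URL up to the first whitespace, if any was found.
func ExtractURL(line string) (string, bool) {
	m := urlToFirstSpace.FindString(line)
	return m, m != ""
}

// ExtractURLByParam returns the URL as cut off at the named parameter.
func ExtractURLByParam(line string) (string, bool) {
	m := urlToParam.FindString(line)
	return m, m != ""
}

// stripNewlines mimics a cleanup that deletes only LF: CR, tabs and spaces stay.
func stripNewlines(s string) string { return strings.ReplaceAll(s, "\n", "") }

func main() {
	// Constructed lines as a relay might hand them back: trailing CRLF, a leading
	// tab, and the same query parameters in two different orders.
	lines := []string{
		"https://manager.example/#/dashboards?job=42&q=pcap \r\n",
		"\thttps://manager.example/#/dashboards?q=pcap&job=42\n",
	}
	for _, l := range lines {
		fmt.Printf("newlines only: %q\n", stripNewlines(l))
		u, _ := ExtractURL(l)
		fmt.Printf("first space:   %q\n", u)
		p, ok := ExtractURLByParam(l)
		fmt.Printf("by parameter:  %q found=%v\n\n", p, ok)
	}
}
```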
Corey Ogburn
89d789fe0f
New folder for salt to maintain
This folder is where a manager will initially store uploaded PCAP/EVTX files before sending to sensors. Sensors will store uploads in this folder on their own system.
2023-06-20 09:41:14 -06:00
Corey Ogburn
49055e260f
salt-relay import-file reporting
On successful import, return dashboard URL
2023-06-20 09:41:14 -06:00
Corey Ogburn
a465039887
2 new capabilities: send-file and import-file
2023-06-20 09:41:14 -06:00
Doug Burks
b60cf29598
Merge pull request #10618 from Security-Onion-Solutions/dougburks-patch-1
Resolve conflicts with dataset PR
2023-06-20 07:42:30 -04:00
Doug Burks
0e09d73aa0
Resolve conflicts with dataset PR
2023-06-20 07:40:10 -04:00
Doug Burks
520a5671ca
Merge pull request #10617 from Security-Onion-Solutions/dougburks-patch-1
Fix SOC Auth queries in Dashboards and Hunt
2023-06-20 07:32:46 -04:00
Doug Burks
fc824359ed
Update default fields for kratos.audit
2023-06-20 07:30:56 -04:00
Doug Burks
7caa7cec6b
Fix SOC Auth queries in Dashboards and Hunt
Change `event.dataset:audit` to `event.dataset:kratos.audit`.
2023-06-20 07:13:33 -04:00
Josh Patterson
0695140f83
Merge pull request #10611 from Security-Onion-Solutions/2.4/ubuntu
2.4/ubuntu
2023-06-16 14:00:52 -04:00
m0duspwnens
ed1e2c8908
ignore failure notification for Ubuntu "Failed to restart snapd"
2023-06-16 13:58:45 -04:00
Jason Ertel
594900a8d4
Merge pull request #10609 from Security-Onion-Solutions/kilo
webauthn for SOC
2023-06-16 13:15:25 -04:00
Jason Ertel
6894fa4e4d
Update VERSION
2023-06-16 13:09:01 -04:00
m0duspwnens
2334d82d36
fix salt install for ubuntu
2023-06-16 11:13:34 -04:00
Josh Patterson
c0a2ea3138
Merge pull request #10604 from Security-Onion-Solutions/2.4/receiver
2.4/receiver
2023-06-15 15:42:34 -04:00
m0duspwnens
d4acb1a33a
Merge remote-tracking branch 'origin/2.4/dev' into 2.4/receiver
2023-06-15 15:32:49 -04:00
m0duspwnens
5de9e5baf4
allow sensor to logstash on receiver
2023-06-15 14:46:46 -04:00
Wes
3a34da354f
Use append instead of set
2023-06-15 16:35:43 +00:00
m0duspwnens
469390696e
2.4 receiver changes
2023-06-15 11:04:16 -04:00
Josh Brower
0a4a48b61e
Remove old var
2023-06-15 10:24:50 -04:00
Wes
58a63e0765
Remove extra comma
2023-06-15 14:22:37 +00:00
Doug Burks
251bc6f45e
Merge pull request #10597 from Security-Onion-Solutions/dougburks-patch-1
Update so_motd.jinja
2023-06-15 09:59:25 -04:00
Doug Burks
b84d997f87
Update so_motd.jinja
2023-06-15 09:54:23 -04:00
Wes
b5bccc5e05
Use module in dataset name and add dataset tag
2023-06-15 13:06:57 +00:00
Jason Ertel
b4e5ac9796
Add note to advise against changing settings
2023-06-14 16:11:50 -04:00
m0duspwnens
2db95fe1b4
fw rules for receiver to managers
2023-06-14 15:24:14 -04:00
m0duspwnens
934b0f45a1
allow receiver to connect to salt manager
2023-06-14 15:08:07 -04:00
Jason Ertel
a88227d13f
Merge branch '2.4/dev' into kilo
2023-06-14 13:34:15 -04:00
Jason Ertel
21a7b76352
webauthn
2023-06-14 13:33:31 -04:00
weslambert
03082339ca
Merge pull request #10592 from Security-Onion-Solutions/fix/analyzer_dependencies
Update analyzer dependencies
2023-06-14 12:22:06 -04:00
m0duspwnens
8f6226b531
Merge remote-tracking branch 'origin/2.4/dev' into 2.4/heavynode
2023-06-14 10:40:22 -04:00
m0duspwnens
2c4eccd7e0
2.4 heavynode changes
2023-06-14 10:40:05 -04:00
Josh Brower
fa57494694
Merge pull request #10584 from Security-Onion-Solutions/2.4/elasticagent-renaming
Change Elastic Fleet Tarball naming
2023-06-14 09:42:57 -04:00
weslambert
3f1741e75a
Merge pull request #10585 from Security-Onion-Solutions/fix/elasticsearch_templates
Update Elasticsearch templates for Fleet
2023-06-14 09:33:23 -04:00
Wes
48331ce35b
Add system.system component templates
2023-06-14 13:29:11 +00:00
Wes
c2ac60b82e
Add system.system template and add event-mappings
2023-06-14 13:28:00 +00:00
Josh Brower
fedfbe9fec
Fix tarball output name
2023-06-14 08:52:56 -04:00
Josh Brower
9947f9def4
Rework tarball naming schema
2023-06-14 07:38:03 -04:00
Wes
c205438771
Update dependencies
2023-06-14 02:35:29 +00:00
Wes
8cde05807c
Remove elastic-agent dir
2023-06-13 21:33:04 +00:00
Wes
2ac0aba916
Add osquery files
2023-06-13 21:32:02 +00:00
Wes
af003cc2a1
Add osquery templates
2023-06-13 20:43:39 +00:00
Josh Brower
0d4f6b4fe6
Change Elastic Fleet Tarball naming
2023-06-13 16:32:19 -04:00
Jason Ertel
7093254439
Merge pull request #10582 from Security-Onion-Solutions/jertel/pcap
ensure status line shows dates for new and existing imports
2023-06-13 15:16:43 -04:00
Wes
bd7644a557
Add another template
2023-06-13 19:13:20 +00:00
Jason Ertel
90b740a997
ensure status line shows dates for new and existing imports
2023-06-13 15:11:13 -04:00
Wes
5547a1b7ab
Add event mappings
2023-06-13 18:23:50 +00:00
Wes
1b90fd8581
Add custom component templates
2023-06-13 18:21:45 +00:00
Doug Burks
bbdf7bb5a7
Merge pull request #10580 from Security-Onion-Solutions/dougburks-patch-1
Set START and END variables earlier in so-import-pcap
2023-06-13 13:31:16 -04:00